An Authoritative Opinion Comparing Security in Linux and Microsoft Windows

I spent a few hours at the nearby Yorktown (YKT) Research Lab a couple of days ago to make use of the high-speed (1GB/s) internet. It’s also pleasant to work in the YKT cafeteria, as there is a great view, nice wooden tables, the hum of conversation, and fresh coffee (which is also free on Mondays).

On my way out I saw Barry Leiba sitting in the lobby. I’ve known Barry for well over a decade. Though we never worked together professionally, he was a regular attendee at the Friday Afternoon Tea that I hosted the last few years I was at Research.

I asked Barry what he was working on these days, and he said that for the past few years he had worked mostly on how to deal with the increasing flood of spam.

He said that it was — and would remain — a constant struggle, with the good guys trying to ward off the “evildoers” of spam.

I told Barry I understood that you generally had to take an action before the evildoer spammer sender could lure you into his lair, and he said this was true, if you were using up-to-date versions of software. That’s why I caution my family not to click on anything at a web site or in response to a request via an email, unless they have some confidence in the source.

I then asked how Linux compared with Windows when it came to spam. He said that there were few attacks on Apple and Linux, as the spamming evildoers had found such a rich source of prey due to the many flaws in Windows, and also of course the dominant position of Windows in the marketplace. Just as Willie Sutton responded to a query, “Why do you rob banks?” with the response, “Because that is where the money is,” spammers go after Windows because that’s their best potential source of ill-gotten gains.

I then asked if he knew of any successful virus mounted against Linux, and he reported that he couldn’t think of one.

This made sense to me. For example, I’ve heard several people with experience running open-source solutions in K-12 schools report that one of the advantages in using Linux is that it is much more secure. Indeed, it’s not just that an open-source solution can be had for free, it’s that you don’t even need a solution since this is not a problem with Linux.

I also noticed my laptop was sluggish and quite unresponsive for close to half an hour this past afternoon, while Windows installed nine — nine! — security patches. Windows XP has been around for close to a decade, yet it still needs regular security patches. Yes, I know that Ubuntu also provides regular security updates, but I think it worth noting that Microsoft will only send out security patches that are absolutely essential, as it gains nothing by improving Windows XP in any way that might further encourage people to postpone — as so many are doing — migration from Windows XP to Vista.

I just looked up Barry on Google. I learned he is an active blogger, and was reminded of his sense of humor when I noted his “countdown clock.” It reports as I write this that “King George will be out of office in 438 days, 15:53:48.” (That’s why I used “evildoers” above.)

By the way, being named a Senior Technical Staff Member, or STSM, is a significant honor, and indicates that IBM considers Barry an authority in his area.

So do I.

So for what it’s worth, and — as I will reveal in a forthcoming post — I think my opinion is quite authoritative, Barry’s views comparing Microsoft and Linux security should be considered authoritative.

At least that’s the way this authoritative source of authoritative opinions sees it, but of course you will have to make your own call.

As I left the building I saw a limousine pull up to the door. When a woman emerged from the back, I guessed it was Dr. Carter. Knowing that SETI stands for Search for Extraterrestrial Intelligence, I decided to have a little fun, and introduced myself to Dr. Carter by saying I was a friend of Barry, and had traveled to Yorktown from a planet in the Alpha Centauri star system to see how her work was progressing.